On Fri, 2006-01-20 at 09:27 +0400, Dmitry Melekhov wrote:
Very strange...
Do yuo have any suggestions?
Yes; going back to your previous posting,
syncrepl rid=1
provider=ldap://backup.p98.belkam.com:389
type=refreshOnly
interval=00:00:10:00
searchbase=o=Aspec,c=RU
On Ven 20 janvier 2006 00:57, Pierangelo Masarati wrote:
On Thu, 2006-01-19 at 15:47 -0800, Howard Chu wrote:
I suppose we could make back-ldap read the remote servers
subschemasubentry at startup time, or something, and import any schema
definitions that didn't clash with local ones.
Hi,
I'm trying to install Openldap 2.3.11 (I also tried the latest stable
version, i.e. Openldap 2.3.17)
on HPUX 11.i (64-bit)
I have installed successfully:
- gcc 4.0.2
- openSSL
- BDB 4.2.52 (I have used the same gcc 4.0.2 compiler to compile and
install)
I have set
Raphaël Ouazana-Sustowski wrote:
On Ven 20 janvier 2006 00:57, Pierangelo Masarati wrote:
On Thu, 2006-01-19 at 15:47 -0800, Howard Chu wrote:
I suppose we could make back-ldap read the remote servers
subschemasubentry at startup time, or something, and import any schema
definitions
Are there any guides or FAQs on upgrading from 2.2.x to 2.3.x? THere
seem to be significant advantages to running 2.3 over 2.2, but I'm
unsure of whether or not I can do an in-place upgrade or need to have
a more robust staging plan.
We currently have 1 master and 3 children syncing through
Hi Quanah,
Ok this is exactly what I was searching.
I Think you are involved in develop of openldap to know this thing.
But I like to know where this info could be get...from an adminstrator ,
if possible, without read the code!
Thanks a lot
Alex
On Thu, 2006-01-19 at 08:50 -0800, Quanah
At 09:34 PM 1/19/2006, Matthias Teege wrote:
How do I modify ... with ldapmodify?
Answering only the OpenLDAP-specific portion of your question:
Describe the desired modification using LDIF (RFC 2849) and
pass that LDIF to ldapmodify(1).
How to describe a particular modification using LDIF is
Hello,
I have two routines, both do paged searches however one returns all
attributes and the other returns no attributes.
The ldap procedure to return no attributes returns all 11,000 entries in
pages of 50 each (or even 100). The routine that returns all (non
operational) attributes, only
There are some configuration directives to limit the size/time of searches.
See slapd.conf(5) and look for sizelimit and timelimit.
_Matt
On 1/20/06, Ansar Mohammed [EMAIL PROTECTED] wrote:
Hello,
I have two routines, both do paged searches however one returns all
attributes and the other
--On Friday, January 20, 2006 7:56 AM -0500 Sean Hussey
[EMAIL PROTECTED] wrote:
Are there any guides or FAQs on upgrading from 2.2.x to 2.3.x? THere
seem to be significant advantages to running 2.3 over 2.2, but I'm
unsure of whether or not I can do an in-place upgrade or need to have
a
On Fri, 2006-01-20 at 10:56 -0500, Ansar Mohammed wrote:
Hello,
I have two routines, both do paged searches however one returns all
attributes and the other returns no attributes.
The ldap procedure to return no attributes returns all 11,000 entries in
pages of 50 each (or even 100). The
Just a small bit of background, I'm bringing this conversation over
from [EMAIL PROTECTED]
We have been running our campus LDAP service for a little while
now and
are starting to see some potential causes for concern. So I had a
couple of implementation questions for others who may or
This advice lives here: (and could probably due with some expansion)
http://www.openldap.org/faq/data/cache/842.html
On 1/20/06, Quanah Gibson-Mount [EMAIL PROTECTED] wrote:
--On Friday, January 20, 2006 7:56 AM -0500 Sean Hussey
[EMAIL PROTECTED] wrote:
Are there any guides or FAQs on
--On Friday, January 20, 2006 2:43 PM -0500 matthew sporleder
[EMAIL PROTECTED] wrote:
1. Separate directory from account data . . . perhaps using refers of
some sort to make it look like they're all one server/service.
Directory stuff is by far the most intensely searched, updated, and
I'm no expert, but I do run on Solaris (9), a couple of things I can
think of...
It may be worth adding the noatime flag to the filesystems that hold
data and (bdb) logs. You are indexing a lot of attributes, do you need
that many (are they based on what queries you are actually getting or
those
On Fri, 20 Jan 2006, Quanah Gibson-Mount wrote:
--On Friday, January 20, 2006 2:43 PM -0500 matthew sporleder
[EMAIL PROTECTED] wrote:
1. Separate directory from account data . . . perhaps using refers of
some sort to make it look like they're all one server/service.
Directory stuff is
--On Friday, January 20, 2006 8:14 PM + Spicer, Kevin
[EMAIL PROTECTED] wrote:
You have enough memory for 1.25 Gb of bdb cache? You don't post your
machine spec so its difficult to say if that is sane, but make sure its
not using lots of swap. I note that your bdb logs are on the same
1. Separate directory from account data . . . perhaps using
refers of
some sort to make it look like they're all one server/service.
Directory stuff is by far the most intensely searched, updated, and
involves unusual queries instead of a simple give me this one
entry,
thanks.
Splitting up
From: Daniel Henninger [mailto:[EMAIL PROTECTED]
It may be worth adding the noatime flag to the filesystems that hold
data and (bdb) logs. You are indexing a lot of attributes, do you
need
No atime? That's interesting. I've never heard of that, what does
that do?
From mount_ufs(1M)
On Fri, 20 Jan 2006, Quanah Gibson-Mount wrote:
--On Friday, January 20, 2006 3:34 PM -0500 Igor Brezac [EMAIL PROTECTED]
wrote:
Have you tried new sparc processors (T[12]000 line)? I'd be curious to
see they compare against the top x86 processors.
Not at this time. I'm not sure if
On Fri, 20 Jan 2006, Spicer, Kevin wrote:
From: Daniel Henninger [mailto:[EMAIL PROTECTED]
It may be worth adding the noatime flag to the filesystems that hold
data and (bdb) logs. You are indexing a lot of attributes, do you
need
No atime? That's interesting. I've never heard of that,
--On Friday, January 20, 2006 4:21 PM -0500 Igor Brezac [EMAIL PROTECTED]
wrote:
On Fri, 20 Jan 2006, Quanah Gibson-Mount wrote:
--On Friday, January 20, 2006 3:34 PM -0500 Igor Brezac [EMAIL PROTECTED]
wrote:
Have you tried new sparc processors (T[12]000 line)? I'd be curious to
--On Friday, January 20, 2006 12:24 PM -0800 Quanah Gibson-Mount
[EMAIL PROTECTED] wrote:
One other suggestion. With Solaris 8, it is possible to use the Solaris 9
threading libraries. This was also a performance gain for me. The way to
do this is:
crle -a /usr/lib/libthread.so.1 -o
On Fri, 2006-01-20 at 16:16 -0600, Eric Irrgang wrote:
I already have my target directory set up that way but I don't know how to
do identity assertion from a regular ldap client without using SASL. Is
there a way? For instance, the following fails with ldapsearch: not
compiled with SASL
On Fri, 20 Jan 2006, Spicer, Kevin wrote:
You have enough memory for 1.25 Gb of bdb cache? You don't post your
I should hope so, they have 2.5 Gb of ram each.
Good good, but keep an eye out for excessive swapping, just in case.
In my experience with OL on Solaris 9, the moment you have to
On Fri, 20 Jan 2006, Pierangelo Masarati wrote:
What I don't follow you about is why are you trying to put back-ldap in
the middle. Isn't your problem about finding some way to allow regular
users to access the cn=config tree? You don't need back-ldap, you just
need to be able to authorize
I think my problem at this point is that I can't seem to get back-ldap to
use the authzID to try to assert another identity.
If I have the following then all operations are carried out as the
binddn, which is what I would expect.
idassert-bind bindmethod=simple
27 matches
Mail list logo